import org.springframework.security.providers.UsernamePasswordAuthenticationToken as AuthToken
import org.springframework.security.context.SecurityContextHolder as SCH

/**
 * Registration controller.
 */
class RegisterController {

    def authenticateService
    def daoAuthenticationProvider
    def emailerService

    static Map allowedMethods = [save: 'POST', update: 'POST']

    /**
     * User Registration Top page.
     */
    def index = {

        // skip if already logged in
        /*if (authenticateService.isLoggedIn()) {
              redirect action: show
              return
          }*/

        if (session.id) {
            def person = new AuthUser()
            person.properties = params
            return [person: person]
        }

        redirect uri: '/'
    }

    /**
     * User Information page for current user.
     */
    def show = {

        // get user id from session's domain class.
        def user = authenticateService.userDomain()
        if (user) {
            render view: 'show', model: [person: AuthUser.get(user.id)]
        }
        else {
            redirect action: index
        }
    }

    /**
     * Edit page for current user.
     */
    def edit = {

        def person
        def user = authenticateService.userDomain()
        if (user) {
            person = AuthUser.get(user.id)
        }

        if (!person) {
            flash.message = "[Illegal Access] User not found with id ${params.id}"
            redirect action: index
            return
        }

        [person: person]
    }

    /**
     * update action for current user's edit page
     */
    def update = {

        def person
        def user = authenticateService.userDomain()
        if (user) {
            person = AuthUser.get(user.id)
        }
        else {
            redirect action: index
            return
        }

        if (!person) {
            flash.message = "[Illegal Access] User not found with id ${params.id}"
            redirect action: index, id: params.id
            return
        }

        // if user want to change password. leave passwd field blank, passwd will not change.
        if (params.passwd && params.passwd.length() > 0
                && params.repasswd && params.repasswd.length() > 0) {
            if (params.passwd == params.repasswd) {
                person.passwd = authenticateService.encodePassword(params.passwd)
            }
            else {
                person.passwd = ''
                flash.message = 'The passwords you entered do not match.'
                render view: 'edit', model: [person: person]
                return
            }
        }

        person.userRealName = params.userRealName
        person.email = params.email
        if (params.emailShow) {
            person.emailShow = true
        }
        else {
            person.emailShow = false
        }

        if (person.save()) {
            redirect action: show, id: person.id
        }
        else {
            render view: 'edit', model: [person: person]
        }
    }

    /**
     * Person save action.
     */
    def save = {

        // skip if already logged in
        /*if (authenticateService.isLoggedIn()) {
              redirect action: show
              return
          }*/

        def authUser = new AuthUser()
        authUser.properties = params

        def config = authenticateService.securityConfig
        def defaultRole = config.security.defaultRole
        def role
        if (params.authority.id) {
            role = AuthRole.get(params.authority.id)
        }else if (flash.authority.id) {
            role = AuthRole.get(flash.authority.id)
        } else {
            role = AuthRole.findByAuthority(defaultRole)
            if (!role) {
                authUser.passwd = ''
                flash.message = 'Default Role not found.'
                render view: 'index', model: [person: authUser]
                return
            }
        }

        /*if (params.captcha.toUpperCase() != session.captcha) {
              authUser.passwd = ''
              flash.message = 'Access code did not match.'
              render view: 'index', model: [authUser: authUser]
              return
          }*/

        if (params.passwd != params.repasswd) {
            authUser.passwd = ''
            flash.message = 'The passwords you entered do not match.'
            render view: 'index', model: [person: authUser]
            return
        }

        def pass = authenticateService.encodePassword(params.passwd)
        authUser.passwd = pass
        authUser.enabled = true
        authUser.emailShow = true
        authUser.description = ''

        if(params.'person.id'){
            def person = Person.get(params.'person.id')
            authUser.person = person
        }

        if (authUser.save()) {
            role.addToPeople(authUser)
            /*if (config.security.useMail) {
                   String emailContent = """You have signed up for an account at:

    ${request.scheme}://${request.serverName}:${request.serverPort}${request.contextPath}

    Here are the details of your account:
    -------------------------------------
    LoginName: ${authUser.username}
    Email: ${authUser.email}
    Full Name: ${authUser.userRealName}
    Password: ${params.passwd}
   """

                   def email = [
                       to: [authUser.email], // 'to' expects a List, NOT a single email address
                       subject: "[${request.contextPath}] Account Signed Up",
                       text: emailContent // 'text' is the email body
                   ]
                   emailerService.sendEmails([email])
               }*/

            authUser.save(flush: true)

//			def auth = new AuthToken(authUser.username, params.passwd)
//			def authtoken = daoAuthenticationProvider.authenticate(auth)
//			SCH.context.authentication = authtoken
            redirect uri: '/'
        }
        else {
            authUser.passwd = ''
            render view: 'index', model: [person: authUser]
        }
    }
}
